//package com.yao.securitydemo.config;
//
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.core.userdetails.UserDetailsService;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.crypto.password.PasswordEncoder;
//
///**
// * @author tututu
// * @description
// * @date 2022/4/22 23:05
// */
//@Configuration
//public class SecurityConf1 extends WebSecurityConfigurerAdapter {
//
//    @Autowired
//    private UserDetailsService userDetailsService;
//
//    @Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
//    }
//
//    @Bean
//    public PasswordEncoder passwordEncoder(){
//        return new BCryptPasswordEncoder();
//    }
//
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        //配置没有权限  跳转的页面
//        http.exceptionHandling().accessDeniedPage("/unauth.html");
//        //退出设置
//        http.logout().logoutUrl("/logout").logoutSuccessUrl("/test/hello").permitAll();
//
//        http.formLogin() //自定义自己编写的登录页面
//            .loginPage("/login.html") //登录页面设置
//            .loginProcessingUrl("/user/login") //登录访问路径
//            .defaultSuccessUrl("/success.html").permitAll()   //登录成功之后，要跳转的路径
//            .and().authorizeRequests()
//                  .antMatchers("/","/test/hello","/user/login").permitAll()   //设置那些路径可以直接访问，不需要认证
//                  //.antMatchers("/test/index").hasAuthority("admins")
//                  .antMatchers("/test/index").hasAnyRole("sale1")
//                  .anyRequest().authenticated()
//                .and().csrf().disable();  //关闭csrf防护
//
//    }
//}
